Security Focus – CVE-2020-326 – So called New wine in old bottles (18th Mar 2020)

Preface: Cisco SD-WAN Solution Privilege Escalation Vulnerability. Sound dangerous but it can only conduct internally. If someone can make it happen. It can elevate privileges to root on the underlying operating system.

Details: Perhaps Cisco fans still remember that a vulnerability encountered on SDWAN on Jun 2019. I presumably there may be similarities to this matter. The official announcement said An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges. The details happened on June 2019 shown as below:

Cisco official announcement – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwpresc-ySJGvE9

Other than that perhaps you will be interested of other vulnerabilities found on SDWAN

Buffer overflow – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanbo-QKcABnS2

Command Injection – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwclici-cvrQpH9v

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.